all repos — website @ a961bc284bb130e44468c07aaaa028652c151e08

My website

Squashed 'themes/bear/' changes from fe37fcf..d10630d d10630d Hash inline style in CSP f51202d Allow end-user to disable CSP header meta tags without editing theme 093ac10 Add form-action and base-uri CSPs 4c9ac0a Update base_url eed984f Merge dark/light screenshots into one 099acbd Add "deploy to netlify" button 0800ba2 Update demo URL 9a344d8 Add meta description 241f290 Remove ignored CSP content 53d198f Move demo site to netlify 3423985 Add netlify status badge to readme edfec31 Configure headers for netlify a1bcb91 Add netlify.toml d69e95a Add content-security-policy header-equivalent meta tag 1706ade Linkify demo URL 141c10c Merge pull request 'Update 'theme.toml'' (#1) from jakeg/zola-bearblog:main into main 6b275f6 Update 'theme.toml' REVERT: fe37fcf Merge branch 'main' into microformats2 REVERT: 40881d1 Merge branch 'main' into microformats2 REVERT: 2ca8f6c Merge branch 'main' into microformats2 REVERT: dad7895 Merge branch 'main' into microformats2 REVERT: cdd1069 Move header/footer/main elements into child templates git-subtree-dir: themes/bear git-subtree-split: d10630da50a2b0e005ef0499190cc5cc898f0b06

Alan Pearce
commit

a961bc284bb130e44468c07aaaa028652c151e08

parent

fe37fcf3daa0eaafc1236050ac95b5d4ba21bcd2

1 file changed, 25 insertions(+), 0 deletions(-)

changed files
A netlify.toml
@@ -0,0 +1,25 @@
+[build]
+publish = "public"
+command = "zola build"
+
+[build.environment]
+# Set the version name that you want to use and Netlify will automatically use it.
+ZOLA_VERSION = "0.17.2"
+
+# The magic for deploying previews of branches.
+# We need to override the base url with whatever url Netlify assigns to our
+# preview site.  We do this using the Netlify environment variable
+# `$DEPLOY_PRIME_URL`.
+
+[context.deploy-preview]
+command = "zola build --base-url $DEPLOY_PRIME_URL"
+
+[[headers]]
+  for = "/*"
+  [headers.values]
+    X-Frame-Options = "DENY"
+    X-Content-Type-Options = "nosniff"
+    X-XSS-Protection = "1; mode=block"
+    Referrer-Policy = "strict-origin-when-cross-origin"
+    Strict-Transport-Security = "max-age=63072000; includeSubdomains"
+    Content-Security-Policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'sha256-2Sbht7dvdhJX00j84akXy9AejYUf6sOM3OpwMxNiDXQ='; form-action 'none'; base-uri 'self'; frame-ancestors 'none'"